package com.qf.shiro;

import com.qf.pojo.DtsAdmin;
import com.qf.service.AdminService;
import com.qf.service.PermService;
import com.qf.service.RoleService;
import com.qf.util.bcrypt.BCryptPasswordEncoder;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.List;
import java.util.Set;

/**
 * @author 千锋健哥
 */
public class AdminAuthorizingRealm extends AuthorizingRealm {
    @Autowired
    private AdminService adminService;
    @Autowired
    private RoleService roleService;
    @Autowired
    private PermService permService;

    /**
     * 授权方法：赋予用户对应的角色，权限
     *
     * @param principalCollection
     * @return
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
//        1、获取用户对象
        DtsAdmin admin = (DtsAdmin) getAvailablePrincipal(principalCollection);
        Integer[] roleIds = admin.getRoleIds();
//        2、根据用户id，到数据库角色表中获取用户对应的角色集合
        Set<String> roles = roleService.queryRolesByIds(roleIds);
//        3、根据角色获取用户对应的权限集合
        Set<String> perms = permService.queryPermByRoleIds(roleIds);
//        4、创建shiro框架要求的授权对象
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
//        5、将用户的角色和权限放入shiro框架的授权对象
        info.setRoles(roles);
        info.setStringPermissions(perms);
//        6、返回shiro的授权对象
        return info;
    }

    /**
     * 认证方法：判断用户名、密码是否正确
     *
     * @param authenticationToken
     * @return
     * @throws AuthenticationException
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
//        1、获取用户输入的用户名、密码
        UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
        String username = token.getUsername();
        String password = new String(token.getPassword());
//        2、非空判断

//        3、判断用户查询的用户对象是否正确
        List<DtsAdmin> list = adminService.findAdminByName(username);
        if (list == null || list.size() == 0) {
            throw new UnknownAccountException("找不到该用户，请核验是否有误！");
        }
//        4、判断密码是否正确
       /* if (!list.get(0).getPassword().equals(password)) {
            throw new UnknownAccountException("密码有误，请重新输入！");
        }*/
        BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
        if (!encoder.matches(password, list.get(0).getPassword())) {
            throw new UnknownAccountException("密码有误，请重新输入！");
        }
//        5、封装shiro指定的用户对象返回给shir框架处理
        //SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(username, password, this.getName());
        SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(list.get(0), password, this.getName());
        return info;
    }
}